#correctness
Rulesets (18)
A collection of opinionated rules for best practices in popular languages. Recommended for users who want really strict coding standards.
Find common bugs, errors, and logic issues in popular languages.
Yoann PadioleauDefault ruleset for OCaml, by Semgrep
Grayson HardawayRuleset accompanying Semgrep OWASP presentation.
r2cScan for runtime errors, logic bus, and high-confidence security vulnerabilities. Recommended for use in CI to block serious issues from reaching production.
Use recommended rulesets specific to your project. Auto config is not a ruleset but a mode that scans for languages and frameworks and then uses the Semgrep Registry to select recommended rules. Semgrep will send a list of languages, frameworks, and your project URL to the Registry when using auto mode (but code is never uploaded).
Security checks for docker-compose configuration files.
Security checks for kubernetes configuration files.
Rules for linting Semgrep rule YAML files for errors or performance problems
Written by the Trail of Bits security experts. See https://github.com/trailofbits/semgrep-rules for more.
Use Semgrep as a universal linter to identify vulnerabilities and code smells in your code base with the eslint rule pack.
Use Semgrep as a universal linter to identify vulnerabilities and code smells in your code base with the eslint rule pack.
r2cScan for runtime errors, logic bus, and high-confidence security vulnerabilities. Recommended for use in CI to block serious issues from reaching production. Supports Python, Java, JavaScript, and Go.
r2cScan for runtime errors, logic bus, and high-confidence security vulnerabilities. Recommended for use in CI to block serious issues from reaching production.
r2cScan for runtime errors, logic bus, and high-confidence security vulnerabilities. Recommended for use in CI to block serious issues from reaching production.
Mobile Security FrameworkWritten by the MobSF team. See https://github.com/MobSF/mobsfscan for more.
Grayson HardawayRuleset for OWASP SF
Rules for finding odd Go code. See github.com/dgryski/semgrep-go to contribute.